Definition

content spoofing

Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate. The intent is, typically, to defraud victims (as in phishing) although sometimes the purpose is simply to misrepresent an organization or an individual. Content spoofing often exploits an established trust relationship between a computer user and an organization.

The attacker typically leads an Internet user to spoofed content through e-mail, bulletin-board postings and chat-room transmissions. In some cases, an attacker may modify information and links in an established Web site by accessing and altering content on the server. The latter type of content spoofing is more difficult to detect because there is no readily apparent difference to the casual observer.

The most dangerous content spoofing is done with DHTML (dynamic HTML) content sources such as forms and log-in applications. When a Web page with spoofed content is viewed by an Internet user, the location bar displays what appears to be a legitimate URL. However, the attacker has generated or altered by the page. As a result, when the user enters sensitive data (such as a credit card number, password, bank account number, birth date, or Social Security number), the attacker can obtain the data for identity theft or some other fraudulent purpose.

This was last updated in September 2006

Continue Reading About content spoofing

The Web Application Security Consortium describes content spoofing and provides an example of how it is done.

Secunia identifies a content spoofing vulnerability in Windows, and provides links to appropriate patches.

Dig Deeper on Internet Application Security

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

File Extensions and File Formats

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S

T
U
V
W
X
Y
Z
#

SearchMicroservices

5 common traps lurking in RESTful development

Unfortunately, many RESTful API developers fall into the same traps during design. Here are five common mistakes that you can ...
These tools help build microservices in Java

Depending on the mission, developers need to align their tool choices with one of two paths for Java microservices. Here's what ...
How Google Cloud Build helps microservices build automation

Google Cloud Build has the potential to play a valuable and reliable role in CI/CD pipelines for microservices development. Learn...

TheServerSide.com

Master-slave terminology alternatives you can use right now

Software companies have found alternatives for master-slave terminology to describe their distributed systems. It's time for the ...
RESTful parameters antipattern considerations for queries, paths

Choose carefully for path and query parameters in URL design. Lackluster choices in the design phase can plague client resource ...
Developers find cautious optimism for serverless platforms

Experts urge cautious optimism around serverless development. It has its benefits, but tools that don't work as expected and a ...

SearchCloudApplications

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

Microsoft Azure and Google Cloud both added cloud application development tools that improve and simplify the process of creating...
With progressive web applications, developers blur the lines

With progressive web applications, single-page apps, motion UI and other innovations, app development meets the moment, giving ...
Web app development morphs as apps and websites merge

The lines between web and mobile app and websites are blurring, so development silos are out, and boning up on building ...

SearchAWS

AWS Lambda functions become more flexible, but use caution

AWS Lambda added custom runtimes and longer timeouts. Review the benefits, such as flexibility and easier migration, along with ...
AWS' blockchain approach takes divergent paths

AWS was slow to embrace blockchain but now offers two approaches to the concept. Review the specs of Quantum Ledger Database and ...
AWS Control Tower aims to simplify multi-account management

Many organizations struggle to manage their massive collection of AWS accounts, but Control Tower could help. The service ...

SearchBusinessAnalytics

Tableau Ask Data gives BI users simple NLP data query tool

Tableau's new Ask Data software uses natural language processing to enable users of any skill level to more easily search for ...
Expert urges data pros to hone data science skills

IT expert William McKnight shares job tips for data professionals looking to prosper in a changing enterprise. His first piece of...
Demand for data scientists is booming and will only increase

Fueled by big data and AI, demand for data science skills is growing exponentially, according to job sites. The supply of skilled...

SearchHRSoftware

LinkedIn's recruiting platform billed as 'Intelligent Hiring Experience'

LinkedIn's use of AI requires the sharing of data. It is one reason why the company is combining its talent tools into one system...
HR chatbots take on recruitment, benefits tasks

HR chatbots are taking on straightforward administrative tasks in recruitment and benefits. And that could be a good thing for HR...
Despite demand, few job ads cite flexible work options

Flexible work options are desirable, but not advertised. Hired has acquired Py, a platform used by employers to assess a ...

SearchHealthIT

ONC, CMS strive for a competitive healthcare market with open APIs

Newly proposed rules from CMS and ONC aren't just about fostering interoperability and patient data access, they're also about ...
Population health management programs require goal alignment

In this Q&A, KLAS population health researcher Bradley Hunter says successful population health management programs hinge on goal...
The lead-up to HIMSS 2019: CIOs look for innovation

CIOs attending the CHIME-HIMSS 2019 CIO Forum said they're focused on AI developments, security trends and a better way to build ...

DevOpsAgenda

How to bust security silos and secure your operation

DevOps means velocity, though, not at security's expense. Rapid7's Jen Andre thinks automation and orchestration strategies can ...
The first step from Agile to DevOps is a pilot project

Agile to DevOps isn't as perilous as Waterfall to Agile, but it will take measurable goals and an efficient pilot project to ...
Best practices for DevOps compliance and reusability

You know you want to scale with a model-driven process. So how do you make it work? Start with these best practices for ...

Close